Bug Description

This is a tracking bug for a dependency of the juju MIR (bug #912861).

In summary: The security of the ZooKeeper on node 0 is critical. Even with full ACLs this pins all of the security of the local host onto one set of credentials. Users do not need to access ZooKeeper at all. An iptables rule must be added as a line of defense against privilege escalation by requiring that only root owned processes be allowed to access ZooKeeper.